Privacy Policy

Effective date: October 3, 2025

This Privacy Policy explains how NILAC (“we,” “our,” “us”) collects, uses, and shares information when you use our websites, products, and services (the “Services”). It is written for athletes, families, and brand partners. This is general information—not legal advice.

On this page:

Information we collect
How we use information
How we share information
Cookies & analytics
Retention
Security
Children’s privacy
Your privacy rights
International transfers
Changes to this policy
Contact us

Information we collect

Information you provide (for example): name, email, phone, school, sport, class year, profile/biography, social handles, links, uploaded media, availability, and preferences; messages you send us; forms you submit; and (if applicable) payment-related details handled by our payment processor.

Information collected automatically: device and log information (IP address, browser type, pages viewed, referring/exit pages, timestamps), approximate location, and usage data. We use cookies and similar technologies—see Cookies & analytics.

Information from third parties: if you choose to connect or share, we may receive information from platforms (e.g., social networks, analytics tools) and from brand partners regarding campaigns you engage in. When you follow links to third-party tools (e.g., NIL Go for compliance filing), their privacy policies apply.

How we use information

Provide, operate, and improve the Services
Create and manage accounts and profiles
Facilitate introductions and communications between athletes and brands you choose to engage with
Personalize content, organize offers, and streamline workflows (e.g., templates, reminders)
Monitor performance and usage (e.g., analytics, diagnostics)
Detect, prevent, and address security or fraud issues
Comply with legal obligations and enforce terms
Communicate with you about updates, features, and support (you can manage preferences at any time)

For users in the EEA/UK, we process personal data based on: contract necessity, legitimate interests (e.g., service improvement, security), consent (where required), and legal obligations.

With brand partners when you opt to share your profile, submit an offer, or engage in a campaign.
With service providers that help us run the Services (hosting, analytics, messaging, payment processing, support). They are bound by confidentiality and only process data per our instructions.
Compliance tools (e.g., NIL Go) when you choose to file disclosures—those tools are governed by their own policies.
Legal and safety when required by law or to protect rights, safety, and integrity of the Services.
Business transfers (e.g., merger, acquisition, reorganization); data may be transferred as part of the transaction.
With your consent or at your direction.

We do not sell personal information for money. We also do not engage in cross-context behavioral advertising. If this changes, we will update this policy and provide any required opt-out mechanisms.

Cookies & analytics

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how people use our site. You can manage cookies through your browser settings; disabling some cookies may reduce functionality.

Required: essential for sign-in, security, and basic features.
Functional: remember preferences and improve experience.
Analytics: help us understand usage and improve performance.

Data retention

We keep personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. We delete or de-identify information when it is no longer required.

Security

We apply administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Children’s privacy

Our Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided information, contact us and we will take appropriate action. Where parental consent is required by law (e.g., under 16 in certain regions), we will request it before processing.

Your privacy rights

Depending on where you live, you may have rights to request access, correction, deletion, portability, or to object/restrict certain processing. You may also withdraw consent where processing is based on consent.

EEA/UK: GDPR rights to access, rectify, erase, restrict/oppose processing, and data portability.
California: rights to know, delete, correct, and to limit use/disclosure of sensitive information. We do not sell/share personal information for cross-context behavioral advertising.

To exercise rights, email us at privacy@nilac.com. We will verify your request and respond within the time required by applicable law. You may designate an authorized agent as permitted by law.

International transfers

We may process information in countries other than your own. Where required, we rely on appropriate safeguards (e.g., standard contractual clauses) for data transfers.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the new date at the top and, if changes are material, provide additional notice.

Contact us

Questions or requests? Email privacy@nilac.com.